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DETAILED ACTION 

The instant application having Application No. 10/540,219 Is presented for 
examination by the examiner. Claims 1-9, 1 1-21 , 23-30, 32, 33, and 35-40 are pending. 
Claims 1,17, and 26 have been amended. 

Response to Amendment 

Claim Rejections - 35 USC §112 

The current claim amendments overcome the previous 112 rejection. 

Response to Arguments 

Applicant's arguments filed 6/18/10 have been fully considered but they are not 
persuasive. Applicant alleges that Naccache does not teach three separate instructions 
which effect comparing the second signature to the first signature. Examiner 
respectfully disagrees. Naccache clearly teaches three instructions which meet the 
limitations imposed by the claimed invention. Specifically, the first instruction is 
equivalent to the 'detecting the first monitoring instruction' because it initializes the 
second signature calculation. Fig. 3 steps 32 and 34 show this instruction and 
initialization. The first instruction can also be seen in Fig. 7. Now, with respect to a 
second instruction, Naccache shows the second instruction in Fig. 3, step 40. The 
function 'F' is causing the second signature to be generated. Lastly, the third instruction 
which compares the first and second signatures together is shown in Fig. 3, step 50. 
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When this instruction is encountered, the second signature, generated by function 'F', is 
compared to the original signature. 

In response to applicant's argument that the references fall to show certain 
features of applicant's Invention, It Is noted that the features upon which applicant relies 
(i.e., calculating a signature according to one of a plurality of functions) are not recited in 
the rejected claim(s). Although the claims are interpreted in light of the specification, 
limitations from the specification are not read Into the claims. See In re Van Geuns, 988 
F.2d 1 181 , 26 USPQ2d 1057 (Fed. CIr. 1993). Applicant appears to Interpret the 
calculation mode in a narrower view than the claim affords. Nevertheless, Naccache 
teaches that the function 'F' Is arbitrary and that It could relate to any type of hash 
function (col. 5, lines 44-51 ) or CRC function (col. 5, lines 53-57). Not only does 
Naccache teach multiple types of functions for generating the signatures, but looking at 
Fig. 3 and 4, it is clear that the calculation mode can be calculated at different times. In 
Fig. 3, 'F' is performed after reading each Instruction of the block of Instructions between 
the first and second monitoring Instructions. In the calculation mode of Fig. 4, the 
function 'F' Is not calculated until all Instructions between the first and second 
monitoring instructions have been stored. So not only does Naccache teach multiple 
ways in which the second signature is calculated, but also multiple types of functions as 
mentioned above. All of which clearly teach or suggest the calculation mode as 
claimed. In view of this, the rejection must be maintained. 
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Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1 ) an application for patent, published under section 1 22(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 1-4, 8, 9, 11-21, 23-28, 32, 33, and 35-40 are rejected under 35 U.S.C. 
102(e) as being anticipated by USP 7,168,065 to Naccache et al, hereinafter Naccache. 

As per claim 1 , Naccache teaches a method of making secure the execution of a 
computer program (EXE) including a set of at least one instruction, which method is 
characterized in that it includes: 

- a first step (E30), prior to the execution of the computer program, of calculating and 
storing a first signature (SIG1) representative of the intended execution of the set of 
instructions (col. 4, lines 25-29), 

- a second step (E50), during the execution of the set of instructions, of calculating and 
storing a second signature (SIG2) representative of the execution of the set of 
instructions (col. 4, lines 35-36), and 

- a step (E60) of detecting an anomaly in the execution of the set of instructions on the 
basis of the first signature (SIG1) and the second signature (SIG2) (col. 4, lines 38-39), 
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wherein said set of instructions comprising at least one first instruction for initializing the 
calculation of the second signature (col. 9, lines 25-30 and Fig. 3, element 34), at least 
one second instruction depending upon the calculation mode of the second signature 
(Fig. 3, element 40, and col. 9, lines 34-40), and a third instruction, different than the at 
least one second instruction, for comparing the second signature obtained according to 
the at least one second instruction with the first signature (col. 9, lines 51-55 and Fig. 3, 
element 50). 

As per claim 26, Naccache teaches a device for making secure the execution of 
a computer program including a set of instructions comprising at least one instruction, 
which device is characterized in that it includes (see abstract): 

- a first register (REG1) (col. 4, line 8) for storing a first signature (SIG1) representative 
of the intended execution of the set of instructions (col. 4, lines 25-29), 

- means (22) for calculating and storing in a second storage register (REG2) (col. 6, line 
18) during the execution of the set of instructions a second signature (SIG2) 
representative of the execution of the set of instructions (col. 4, lines 35-36), and 

- means (24) for detecting an anomaly in the execution of the set of instructions on the 
basis of the first signature (SIG1) and the second signature (SIG2) (col. 4, lines 35-36), 
said set of instructions comprising at least one first instruction for initializing the 
calculation of the second signature (col. 9, lines 25-30 and Fig. 3, element 34), at least 
one second instruction depending upon the calculation mode of the second signature 
(Fig. 3, element 40, and col. 9, lines 34-40), and a third instruction, different than the at 
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least one second instruction, for comparing the second signature obtained according to 
the at least one second instruction with the first signature (col. 9, lines 51-55 and Fig. 3, 
element 50). 

As per claim 2, Naccache teaches that the first calculation and storage step 
(E30) is executed during the generation [preparation] of the instructions (Al, AI3) of the 
computer program (col. 4, line 25). 

As per claims 3 and 27, Naccache teaches that the second signature (SIG2) 
stored during the second calculation and storage step (E50) is retained in memory 
during the execution of at least one second instruction following the set of instructions 
(col. 5, lines 4-6 and 64-68). Naccache teaches using one the preceding values in 
memory to calculate the next value, so therefore it must remain in memory. 

As per claims 4 and 28, Naccache teaches the first signature (SIG1 ) is obtained 
from the number of instructions in the set of instructions [accounts for each number of 
the instructions] (col. 9, lines 23-27), 

- the second signature (SIG2) is obtained from the number of instructions from the set of 
instructions that have been executed [numerical value of executed instructions](col. 9, 

lines 31-35), and in that 

the detection step (E60) detects an execution anomaly when the first signature (SIG1) 
and the second signature (SIG2) are different after the execution of the set of 
instructions [compare VHn to Vref] (col. 9, lines 60-64). 



Application/Control Number: 10/540,219 Page 7 

Art Unit: 2431 

As per claims 8 and 32, Naccache teaches the first signature (SIG1 ) is obtained 
from the code of a critical instruction of the set of instructions (col. 4, lines 25-29), 

- the second signature is obtained from the code of the critical instruction, that code 
being stored at the same time as or after the execution of the critical instruction [jump] 
(col. 14, lines 32-35), and in that 

- the detection step (E60) detects an execution anomaly when the first signature (SIG1 ) 
and the second signature (SIG2) are different after the execution of the set of 
instructions (col. 10, lines 14-19). 

As per claims 9 and 33, Naccache teaches the first signature (SIG1) is obtained 
from the address of a critical instruction (col. 5, line 51) of the set of instructions, the 
address being obtained during or after the generation of the executable code of the set 
of instructions (col. 4, lines 25-29), 

- the second signature (SIG2) is obtained from the address of the critical instruction, that 
address being stored (E30) at the same time as or after the execution (E30) of the 
critical instruction (col. 14, lines 32-38), and 

- the detection step (E60) detects an execution anomaly when the first signature (SIG1) 
and the second signature (SIG2) are different after the execution of the set of 
instructions (col. 10, lines 14-19). 

As per claims 1 1 and 35, Naccache teaches the first signature (SIG1) and the 
second signature (SIG2) are error detector codes (CRC1 , CRC2) calculated from the 
code or from an address of an instruction of the set of instructions (col. 5, lines 53-58), 
and in that the detection step (E60) detects an execution anomaly when the first 
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signature (SIG1 ) and tlie second signature (SIG2) are different after the execution of tine 
set of instructions (col. 10, lines 14-19). 

As per claims 12 and 36, Naccache teaches that the error detector codes are 
cyclic redundancy check codes (col. 5, lines 53-58). 

As per claims 13 and 37, Naccache teaches that the error detector codes are 
obtained by the logical combination (XOR) of the code or an address of at least one 
instruction of the set of instructions (col. 5, lines 53-58). Naccache teaches the use of 
CRC which perform logical combination (XOR included) in order to carry out the 
operation. Examiner is not giving XOR patentable weight here as the syntax implies 
XOR as an example of logical combination. 

As per claims 14 and 38, Naccache teaches the first signature (SIG1) and the 
second signature (SIG2) are respectively obtained during the generation and the 
execution of the instructions from at least two elements chosen from: 
the number of instructions in the set of instructions, 

the code of at least one instruction of the set of instructions (col. 5, lines 45-51 ), 

the address of at least one instruction of the set of instructions (col. 5, lines 45-51 ), and 

an error detector code calculated from the code or an address of at least one critical 
instruction of the set of instructions, the address being obtained during or after the 
generation of the executable code of the set of instructions (col. 5, lines 53-59), and in 
that the detection step (E60) detects an execution anomaly when the first signature 
(SIG1 ) and the second signature (SIG2) are different after the execution of the set of 
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instructions (col. 10, lines 14-19). Naccache teaches using the code and address as 
hash inputs thus two criteria from the list are chosen. 

As per claims 15 and 39, Naccache teaches that it includes a step (E70) of 
destroying at least a portion of the system on which the computer program is executed, 
this step of destroying being made when an execution anomaly is detected in the 
detection step (col. 4, line 45). 

As per claim 16, Naccache teaches in that the first signature (SIG1) is generated 
automatically [already generated before execution of program] (col. 4, line 25-30). 

As per claim 17, Naccache teaches a device for processing a computer program 
including a set of at least one instruction, characterized in that it includes means (12) for 
calculating and storing a first signature (SIG1), the first signature (SIG1) stored in a 
memory and the first signature is representative of the intended execution of the set of 
instructions prior to the execution thereof (col. 4, lines 25-30), said set of instructions 
comprising at least one first instruction for initializing the calculation of the second 
signature (col. 9, lines 25-30 and Fig. 3, element 34), at least one second instruction 
depending upon the calculation mode of the second signature (Fig. 3, element 40, and 
col. 9, lines 34-40), and a third instruction, different than the at least one second 
instruction, for comparing the second signature obtained according to the at least one 
second instruction with the first signature (col. 9, lines 51-55 and Fig. 3, element 50). 
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As per claim 18, Naccache teaches the first signature (SIG1) [Vref] are adapted 
to calculate and store information obtained from the number of instructions of the set of 
instructions (col. 9, line 65 - col. 10, line 5). 

As per claim 19, Naccache teaches the means (12) for calculating and storing 
the first signature (SIG1) are adapted to obtain and store information obtained from the 
code of a critical instruction [jump] of the set of instructions (col. 14, lines 33-35). 

As per claim 20, Naccache teaches means for generating executable code from 
the computer program (col. 8, lines 35-36). 

As per claim 21 , Naccache teaches the means for calculating and storing the first 
signature (SIG1) are adapted to obtain and store information obtained from the address 
of a critical instruction (col. 5, line 51), the information being obtained of the set of 
instructions by the means (14) for generating executable code (col. 8, lines 35-40). 

As per claim 23, Naccache teaches that the means (12) for calculating and 
storing the first signature (SIG1 ) are adapted to calculate and store information obtained 
from an error detector code (GRG1 ) calculated from the code or an address of at least 
one instruction of the set of instructions (col. 5, lines 53-58). 

As per claim 24, Naccache teaches that the error detector code (CRCI) is a cyclic 
redundancy check code (col. 5, line 57). 

As per claim 25, Naccache teaches that the error detector code is obtained by a 
logical combination (XOR) of the code or an address of at least one instruction of the 
set of instructions (col. 5, lines 53-58). Naccache teaches the use of CRC which 
perform logical combination (XOR included) in order to carry out the operation. 
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Examiner is not giving XOR patentable weight here as the syntax implies XOR as an 
example of logical combination. 

As per claim 40, Naccache teaches a microcircuit card [smart card] characterized 
in that it includes a securing device according to claim 26 (col. 6, lines 27-35). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious 
at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention 
was made. 

Claims 5-7, 29, and 30 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Naccache. 

As per claims 5 and 29, Naccache teaches the first signature (SIG1) is obtained 
from the number of instructions in the set of instructions [accounts for each number of 
the instructions] (col. 9, lines 23-27). The calculation performed in these claims is an 
obvious mathematical variation to those taught by Naccache and in claim 4. Claim 4 
calculates a running hash value by each of executed instructions and ultimately 
compares the final result to the reference hash value. This ensures that each 
instruction is proper and that the instructions in the set are executed in the correct order. 
One of ordinary skill in the art could have simply run the hash on the unexecuted 
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instructions and subtracted tliat value to tine reference liash to achieve the same 
desired result. This provides the same assurance that each proper instruction was 
executed in the correct order. Once all of the instructions are executed, the value 
should be zero if they all matched the reference hash value. This is simply an 
operational design choice. The claim would have obvious because one of ordinary skill 
in the art can substitute equivalent known methods which yield predictable results. 

As per claims 6 and 30, Naccache teaches that an interrupt of the computer 
program is triggered when the value of the second signature (SIG2) is below a 
predetermined threshold (col. 4, lines 40-47). 

As per claims 7, Naccache teaches that the first signature (SIG1) and the second 
signature (SIG2) are retained in memory (col. 1, line 47) during the execution of the 
program in the same register (REG1) (col. 9, lines 13-17). 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
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mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to MICHAEL R. VAUGHAN whose telephone number is 
(571)270-7316. The examiner can normally be reached on Monday - Thursday, 7:30am 
- 5:00pm, EST. If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, William Korzuch can be reached on 571-272-7589. The fax 
phone number for the organization where this application or proceeding is assigned is 
571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



Application/Control Number: 10/540,219 
Art Unit: 2431 



Page 14 



/M. R. V./ 

Examiner, Art Unit 2431 
/William R. Korzuch/ 

Supervisory Patent Examiner, Art Unit 2431 



